Icinga

From ArchWiki
Jump to navigation Jump to search

Icinga is an open source host, service and network monitoring program. It monitors specified hosts and services, alerting you to any developing issues, errors or improvements. This article describes the installation and configuration of Icinga.

Installation

Install icinga2AUR from the AUR.

You may also want to install monitoring-plugins from the Community repositories.

Start and enable the icinga2.service.

Icinga Web 2

Install icingaweb2AUR and optionally icingaweb2-module-directorAUR from the AUR.

Enable the icinga-director.service if you installed director.

Configure web server

If you use php-fpm, you will have to apply the following override:

/etc/systemd/system/php-fpm.service.d/override_icingaweb2.conf
[Service]
ReadWritePaths = /etc/icingaweb2

nginx

Example server block:

server {
	listen 80;
	listen [::]:80;
	server_name localhost;
	root /usr/share/webapps/icingaweb2/public;
	location ~ ^/icingaweb2/index\.php(.*)$ {
		fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
		fastcgi_index index.php;
		include fastcgi_params;
		fastcgi_param SCRIPT_FILENAME /usr/share/webapps/icingaweb2/public/index.php;
		fastcgi_param ICINGAWEB_CONFIGDIR /etc/icingaweb2;
		fastcgi_param REMOTE_USER $remote_user;
	}
	location ~ ^/icingaweb2(.+)? {
		alias /usr/share/webapps/icingaweb2;
		index index.php;
		try_files $1 $uri $uri/ /icingaweb2/index.php$is_args$args;
	}
}

Apache

If you get 503 'Access denied' errors, check in these configuration files to see if you are allowed to visit the page:

 Order allow,deny
 Allow from all

in sections <Directory "/usr/local/icinga-web/lib/ext3/"> and <Directory "/usr/local/icinga-web/pub/">.

Configure PHP

Uncomment the following extensions in /etc/php/php.ini:

curl
gettext
pdo_mysql - MariaDB setups
pdo_pgsql - PostgreSQL setups
pgsql - PostgreSQL setups
intl - Icinga Web 2
sockets - Director

Configure Icinga

You can choose either PostgreSQL or MariaDB to use as a backend for Icinga.

By default Icinga uses the following files and directories:

# /etc/icinga2	                Contains Icinga 2 configuration files.
# /usr/sbin/icinga2*	        The Icinga 2 binary.
# /usr/share/doc/icinga2	Documentation files that come with Icinga 2.
# /usr/share/icinga2/include	The Icinga Template Library and plugin command configuration.
# /var/run/icinga2	        PID file.
# /var/run/icinga2/cmd	        Command pipe and Livestatus socket.
# /var/cache/icinga2	        status.dat/objects.cache, icinga2.debug files
# /var/spool/icinga2	        Used for performance data spool files.
# /var/lib/icinga2	        Icinga 2 state file, cluster log, local CA and configuration files.
# /var/log/icinga2	        Log file location and compat/ directory for the CompatLogger feature.

Automatically

Generate a setup token and let Icinga Web 2 handle it by using the setup page:

# icingacli setup config directory --group icingaweb2;
# icingacli setup token create;

http://localhost/icingaweb2/setup

Manually

In case you do not want to use Icinga Web 2 to configure everything for you.

MariaDB

https://icinga.com/docs/icinga2/latest/doc/02-installation/#setting-up-the-mysql-database

Create icinga user and db:

# mysql -u root -p
> CREATE DATABASE icinga;
> GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icinga.* TO 'icinga'@'localhost' IDENTIFIED BY 'supersecretpassword';
> quit

Create icingaweb2 user and db:

# mysql -u root -p
> CREATE DATABASE icingaweb2;
> GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icingaweb2.* TO 'icingaweb2'@'localhost' IDENTIFIED BY 'anothersecurepassword';
> quit

Import the icinga schema:

# mysql -u root -p icinga < /usr/share/icinga2-ido-mysql/schema/mysql.sql

Import the icingaweb2 schema:

# mysql -p icingaweb2 < /usr/share/webapps/icingaweb2/etc/schema/mysql.schema.sql

Create director database and user:

# mysql -u root -p
> CREATE DATABASE director CHARACTER SET 'utf8';
> CREATE USER director@localhost IDENTIFIED BY 'directorpassword';
> GRANT ALL ON director.* TO director@localhost;

Create a user to login to Icinga Web 2:

$ php -r 'echo password_hash("yourwebpassword", PASSWORD_DEFAULT);'

Use the hash you got from the previous command, replacing the hash in this example to insert a new user into the database:

# mysql -u root -p
> USE icingaweb2;
> INSERT INTO icingaweb_user (name, active, password_hash) VALUES ('icingaadmin', 1, '$2y$10$G.qLnALysvw3yr5wP70sF.KtlwB/xDYypRU3x2WZd6x3N0oBAXuIi');

Edit /etc/icinga2/features-available/ido-mysql.conf with your SQL details.

Enable ido-mysql:

# icinga2 feature enable ido-mysql

PostgreSQL

https://icinga.com/docs/icinga2/latest/doc/02-installation/#installing-postgresql-database-server

Create icinga user and db:

# sudo -u postgres psql -c "CREATE ROLE icinga WITH LOGIN PASSWORD 'supersecretpassword'"
# sudo -u postgres createdb -O icinga -E UTF8 icinga

Create icingaweb2 user and db:

# sudo -u postgres psql -c "CREATE ROLE icingaweb2 WITH LOGIN PASSWORD 'anothersecurepassword'"
# sudo -u postgres createdb -O icingaweb2 -E UTF8 icingaweb2

Import the icinga schema:

# psql -U icinga -d icinga < /usr/share/icinga2-ido-pgsql/schema/pgsql.sql

Import the icingaweb2 schema:

# psql -U icingaweb2 -d icingaweb2 < /usr/share/webapps/icingaweb2/etc/schema/pgsql.schema.sql

Create director database and user:

# sudo -u postgres psql -q -c "CREATE DATABASE director WITH ENCODING 'UTF8';"
# sudo -u postgres psql director -q -c "CREATE USER director WITH PASSWORD 'directorpassword'; GRANT ALL PRIVILEGES ON DATABASE director TO director; CREATE EXTENSION pgcrypto;"

Create a user to login to Icinga Web 2:

$ php -r 'echo password_hash("yourwebpassword", PASSWORD_DEFAULT);'

Use the hash you got from the previous command, replacing the hash in this example to insert a new user into the database:

# sudo -u postgres psql -d icingaweb2
icingaweb2=# INSERT INTO icingaweb_user (name, active, password_hash) VALUES ('icingaadmin', 1, '$2y$10$G.qLnALysvw3yr5wP70sF.KtlwB/xDYypRU3x2WZd6x3N0oBAXuIi');

Edit /etc/icinga2/features-available/ido-pgsql.conf with your SQL details.

Enable ido-pgsql:

# icinga2 feature enable ido-pgsql

Finally

Enable Icinga api:

# icinga2 api setup

Enable director module and its dependencies:

# icingacli module enable ipl
# icingacli module enable incubator
# icingacli module enable reactbundle
# icingacli module enable director

Create Director database schema:

# icingacli director migration run --verbose

Restart icinga2.service for the changes to apply.

If you chose to use Icinga Web 2, create appropriate .ini files (Use 'mysql' and '3306' for db and port if you use MariaDB):

/etc/icingaweb2/authentication.ini
[icingaweb2]
backend  = db
resource = icingaweb2
/etc/icingaweb2/resources.ini
[icingaweb2]
type                = "db"
db                  = "pgsql"
host                = "localhost"
port                = "5432"
dbname              = "icingaweb2"
username            = "icingaweb2"
password            = "anothersecurepassword"

[icinga2]
type                = "db"
db                  = "pgsql"
host                = "localhost"
port                = "5432"
dbname              = "icinga"
username            = "icinga"
password            = "supersecretpassword"

[director]
type                = "db"
db                  = "pgsql"
host                = "localhost"
port                = "5432"
dbname              = "director"
username            = "director"
password            = "directorpassword"
charset             = "utf8"
/etc/icingaweb2/roles.ini
[admins]
users               = "icingaadmin"
permissions         = "*"
/etc/icingaweb2/modules/director/config.ini
[db]
resource = "director"

Go to http://localhost/icingaweb2/ and try to login as 'icingaadmin' and your chosen password - if all works, you are done with the basic setup!

Upgrade database

New versions usually require an upgrade of the database. You can find the SQL upgrade scripts in the following folders:

/usr/share/icinga2-ido-mysql/schema/upgrade
/usr/share/icinga2-ido-pgsql/schema/upgrade
/usr/share/webapps/icingaweb2/etc/schema/mysql-upgrades
/usr/share/webapps/icingaweb2/etc/schema/pgsql-upgrades

To do the upgrade, cd into the appropriate folder as written above and import the schema, examples:

# mysql -u root -p icinga < ./2.8.1.sql
# mysql -u root -p icingaweb2 < ./2.5.0.sql
# psql -U icinga -d icinga < ./2.8.1.sql
# psql -U icingaweb2 -d icingaweb2 < ./2.5.0.sql

Restart icinga2.service for the changes to apply.

See also